crediperuya.subsidiosdelgobierno.xyz Open in urlscan Pro
45.77.82.226 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://crediperuya.subsidiosdelgobierno.xyz/
Submission: On March 07 via automatic, source certstream-suspicious (March 7th 2024, 9:18:44 pm UTC) — Scanned from DE

Summary HTTP 72 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 72 HTTP transactions. The main IP is 45.77.82.226, located in Miami, United States and belongs to AS-CHOOPA, US. The main domain is crediperuya.subsidiosdelgobierno.xyz.
TLS certificate: Issued by R3 on March 7th 2024. Valid for: 3 months.

This is the only time crediperuya.subsidiosdelgobierno.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	45.77.82.226 45.77.82.226	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
12	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
72	19

15 45.77.82.226 (Miami, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.77.82.226.vultrusercontent.com

crediperuya.subsidiosdelgobierno.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 677 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10026 csm.eu.criteo.net — Cisco Umbrella Rank: 9677	244 KB
15	subsidiosdelgobierno.xyz crediperuya.subsidiosdelgobierno.xyz	201 KB
14	googlesyndication.com 800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	125 KB
9	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214	195 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9660 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15045 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10817	55 KB
2	gstatic.com fonts.gstatic.com	48 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	w.org s.w.org — Cisco Umbrella Rank: 3340	626 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2089	269 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	94 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
72	12

	Domain	Requested by
15	crediperuya.subsidiosdelgobierno.xyz	crediperuya.subsidiosdelgobierno.xyz
12	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
9	securepubads.g.doubleclick.net	crediperuya.subsidiosdelgobierno.xyz securepubads.g.doubleclick.net 800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com
4	tpc.googlesyndication.com	800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	rtb.nl3.eu.criteo.com	800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com
1	ads.eu.criteo.com	800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com
1	s.w.org	crediperuya.subsidiosdelgobierno.xyz
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	crediperuya.subsidiosdelgobierno.xyz
1	fonts.googleapis.com	crediperuya.subsidiosdelgobierno.xyz
72	18

This site contains no links.

Subject Issuer	Validity	Valid
crediperuya.subsidiosdelgobierno.xyz R3	`2024-03-07` - `2024-06-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-28` - `2024-05-31`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://crediperuya.subsidiosdelgobierno.xyz/
Frame ID: 596D117E52DAEEBDCC4EBC9659C0502A
Requests: 33 HTTP requests in this frame

Frame: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7CE0A64381EF54D7B3048973C2932AD2
Requests: 1 HTTP requests in this frame

Frame: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B1F482B40A299A6326935D0197446327
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeovLwAG7SIIVSPTAAmYIH16KdX8H8lxYy6jvQ&u=%7CrlNL4FeozktBkLQMuiP0nUmLVprtzmhvTTjFX3rbzy4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZuAftwpH9y4hW0aN2ewrhekG2q4XSkM65GSC5-OGk5g0KgBT7uk-InOUKpyr6Y-TNsmgx7RhsfdAYH1upSoWeTOo1yLVZpm6ZXfvW-34JjZomBXmSVXtztYMgRUH6cl-BrwZEq19xoVM5KLZm9htb0XZ_dZbrMw0XI5c88cB6F3zCv9N3nzEYo9N4CRQFC_C1uAJch7Onc1OJ-L-S8GyCPo3UrcCt-ebbplzqdyk8IWX4nxa9CECv3w4pExXtaU-BxBnbvOWq27qmp-PsgLMvz-btSw0S9wr-UU0G6k4oGMZtdsTIE6RFwy3hE55CIZ4zh6LaxtadjtcmBUKvy_-znoO513opltK-2EQbFp_aLzAapoLN0J7P9xeNRnE1lbCGY_1wk1Xzhg8v5ER8jA6Zaw8YIVC5kIjSO5Cil-1xm1-_Cy3PyDOeMGYY9gBg2EDpgLNOZICgw0RzxMyUBzXP2KWamqvc-x5RiOf6OewWMmd3EVdA1rBD6Fnav1XF3Z5oLqZVCkXLkOq7gbZQtUELpReTc08bEm9jmq0eVm9BVvL4H4nxfO9gp6g2DXlQwwsw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb_LvLy_qZaLaG9PH1PIPoLCm8AfJntKxXNWdkfdwwI23ARABIABglZqngrAHggEXY2EtcHViLTIyMzAzNjI3MTMyOTY1NTDIAQmpAslggL_tSbI-4AIAqAMByAMCqgTkAk_QzXIrXnIm2I2n1u8fH0Abz-kH7-sS96kB5y-yAjWaemaFAsukIHDA0L9TDrKKtsp_sqztDTskAducKF9TN5ajmFZHw6KTVAGJvzfkC5R7vvv4cUh5pAuKE8XE35J8ABSfUxK9EpruSiWgI7fDx9f-0pasiXC4Mn56WdM8EAAOHLhnO0yNk-GUib8bc-CIeUdm6DmUIkBFyngCX_3fqGjGVEYz0g5CkqiEKTYd7t08imqmShpN0CAcmhluKz0q5dX0Gz3SBRKqklcBNiJKod0C2sDksmTaEw_QDYXdUsFb3QAkIriLdHA00jAxhCQkStYkocqgLb9A6-OzHAFCZqyKaNxhRW7cv4nQTA7-Bxwmx9ZWxiYjw6OMJ6nvYly5BtLjsCiZl04cRqDbxynaSnzmAd42IoL22IiDFYjfMNqIljjJ2ARxKoTkSe8B1_W6UBzQqwVIqGGJrM9iJaGeBWlc-5Zu4AQBgAar7t-w7t2U2ewBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKQiR4YBwEAEyB-uLgOC_gA06CYBAgICAgICUKEi9_cE6WKa88POJ44QD-gsCCAGADAHiDRMI7eTw84njhAMV0yNVCB0gmAl-0BUBgBcB%26num%3D1%26sig%3DAOD64_1izXrmUKrgPhGBfIvqGWoLfR-7BQ%26client%3Dca-pub-2230362713296550%26adurl%3D
Frame ID: 5042FD57A7B7B0DB442DDB844728B4F9
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 20B88A0680198E5E0934382142B13467
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55761BA259C7518E4A7F74D7E440CC11
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Guía para financiar tus Sueños -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

72
Requests

99 %
HTTPS

83 %
IPv6

12
Domains

18
Subdomains

19
IPs

3
Countries

970 kB
Transfer

2317 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
crediperuya.subsidiosdelgobierno.xyz/ 252 KB
52 KB 589ms
285ms Document
text/html 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: 2d480a91fbe88d77986d732e9484ef3b4c326b7c6a785262ebf5a5987ce31e7d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 68
cache-control: max-age=0, s-maxage=2592000
cache-provider: CLOUDWAYS-CACHE-DC
content-encoding: gzip
content-length: 53080
content-type: text/html; charset=UTF-8
date: Thu, 07 Mar 2024 21:18:38 GMT
expires: Thu, 07 Mar 2024 21:17:29 GMT
last-modified: Thu, 07 Mar 2024 21:17:29 GMT
link: <https://crediperuya.subsidiosdelgobierno.xyz/wp-json/>; rel="https://api.w.org/", <https://crediperuya.subsidiosdelgobierno.xyz/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://crediperuya.subsidiosdelgobierno.xyz/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 main.min.css
crediperuya.subsidiosdelgobierno.xyz/wp-content/themes/astra/assets/css/minified/ 41 KB
8 KB 172ms
170ms Stylesheet
text/css 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.1.6
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: 3e00f328633eccb116ed74ae31ffb435407709d081ee6296f9ecf200ecc2e9ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 21:11:37 GMT
server: nginx
etag: W/"65ea2d89-a20a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 139ms
51ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla%3A400%7CRubik%3A600%2C500&display=fallback&ver=4.1.6

Requested by

Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e33983a2f276af47bd08abacbbad019f19d163994fdb8bd9c6e4beb75bdf52c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Mar 2024 21:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 21:18:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Mar 2024 21:18:38 GMT

GET
H2 200 style.min.css
crediperuya.subsidiosdelgobierno.xyz/wp-includes/css/dist/block-library/ 108 KB
14 KB 208ms
207ms Stylesheet
text/css 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 21:11:37 GMT
server: nginx
etag: W/"65ea2d89-1ae43"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 styles.css
crediperuya.subsidiosdelgobierno.xyz/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 211ms
210ms Stylesheet
text/css 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 21:11:37 GMT
server: nginx
etag: W/"65ea2d89-b4e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 contact-form-7-main.min.css
crediperuya.subsidiosdelgobierno.xyz/wp-content/themes/astra/assets/css/minified/compatibility/ 882 B
584 B 213ms
212ms Stylesheet
text/css 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=4.1.6
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 21:11:37 GMT
server: nginx
etag: W/"65ea2d89-372"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 astra-addon-65ea2564b807c8-53825764.css
crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/astra-addon/ 15 KB
3 KB 214ms
214ms Stylesheet
text/css 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/astra-addon/astra-addon-65ea2564b807c8-53825764.css?ver=4.4.0
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: 4c9d82fbac0b42d9842ef9a6c467824d27774e31c0540929bb3c5507b8aac16f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 21:11:37 GMT
server: nginx
etag: W/"65ea2d89-3ab9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
29 KB 185ms
83ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d63a1ec5f5f41be4f13959de08bfdf1695b22d9309601855fbc80ddfaa8a5ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28712
x-xss-protection: 0
server: cafe
etag: 373 / 19789 / 31081677 / config-hash: 15620231259314761220
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Mar 2024 21:18:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
94 KB 166ms
77ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-07X8FEBN1K

Requested by

Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0892ad2cbceefa334a8f1be3b74d8c0bf4760e4debef285f6fa11d141ad12bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96064
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Mar 2024 21:18:39 GMT

GET
H2 200 cropped-logo-peru-creditos-128x104.jpg
crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/2024/03/ 5 KB
5 KB 228ms
228ms Image
image/jpeg 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/2024/03/cropped-logo-peru-creditos-128x104.jpg
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: a45b748cb381be1f8a5588c91782dfc239c9275bf539d5cb152591c13d254029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
last-modified: Thu, 07 Mar 2024 21:11:24 GMT
server: nginx
etag: "65ea2d7c-13f1"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5105

GET
BLOB 200
OK 4331b8bf-8b19-472b-95db-9a4f3ba598ee
https://crediperuya.subsidiosdelgobierno.xyz/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://crediperuya.subsidiosdelgobierno.xyz/4331b8bf-8b19-472b-95db-9a4f3ba598ee
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 CREDI-PERU.jpg
crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/2024/03/ 66 KB
66 KB 217ms
217ms Image
image/jpeg 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/2024/03/CREDI-PERU.jpg
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: 970881c2a34b664bc20a5e4fb24b8633905164a772b2a400f891f27a3390b154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
last-modified: Thu, 07 Mar 2024 21:11:24 GMT
server: nginx
etag: "65ea2d7c-10882"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 67714

GET
H2 200 corazonh.png
crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/2024/03/ 7 KB
7 KB 170ms
169ms Image
image/png 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/2024/03/corazonh.png
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: 769c6211eb1a26c89fa3d8a63371b2ea75294fd5b16a1ed2a90fd8f5878de7d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
last-modified: Thu, 07 Mar 2024 21:11:24 GMT
server: nginx
etag: "65ea2d7c-1aef"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6895

GET
H2 200 frontend.min.js Show response
crediperuya.subsidiosdelgobierno.xyz/wp-content/themes/astra/assets/js/minified/ 20 KB
5 KB 151ms
146ms Script
application/javascript 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.1.6
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: 694da45e033114445455ea32bc0448bd950165a0eda0f92e16b9ed32bf5eb493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 21:11:37 GMT
server: nginx
etag: W/"65ea2d89-5081"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 index.js Show response
crediperuya.subsidiosdelgobierno.xyz/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 157ms
153ms Script
application/javascript 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 21:11:37 GMT
server: nginx
etag: W/"65ea2d89-2cf9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 index.js Show response
crediperuya.subsidiosdelgobierno.xyz/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 163ms
159ms Script
application/javascript 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 21:11:37 GMT
server: nginx
etag: W/"65ea2d89-32fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 astra-addon-65ea2564b84000-38682175.js Show response
crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/astra-addon/ 7 KB
2 KB 163ms
160ms Script
application/javascript 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/astra-addon/astra-addon-65ea2564b84000-38682175.js?ver=4.4.0
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: 69be9078e0eadb2387e768c6c58c019cbc5aabd2ccd77b68c7c5924d7f665d07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:38 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 21:11:37 GMT
server: nginx
etag: W/"65ea2d89-1d29"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
fonts.gstatic.com/s/karla/v31/ 13 KB
13 KB 129ms
41ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A400%7CRubik%3A600%2C500&display=fallback&ver=4.1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://crediperuya.subsidiosdelgobierno.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 04:10:28 GMT
x-content-type-options: nosniff
age: 234491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13184
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 04:10:28 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 136ms
49ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A400%7CRubik%3A600%2C500&display=fallback&ver=4.1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://crediperuya.subsidiosdelgobierno.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 04:48:30 GMT
x-content-type-options: nosniff
age: 232209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 04:48:30 GMT

GET
H2 200 cropped-logo-peru-creditos.jpg
crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/2024/03/ 23 KB
23 KB 161ms
161ms Image
image/jpeg 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-content/uploads/2024/03/cropped-logo-peru-creditos.jpg
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: 10ffe92c70e45084ba7f3be82b5dbf069eaa456abde5c41a790b7f3bcc60108a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
last-modified: Thu, 07 Mar 2024 21:11:24 GMT
server: nginx
etag: "65ea2d7c-5bc4"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23492

GET
H2 200 wp-emoji-release.min.js Show response
crediperuya.subsidiosdelgobierno.xyz/wp-includes/js/ 18 KB
5 KB 145ms
145ms Script
application/javascript 45.77.82.226
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://crediperuya.subsidiosdelgobierno.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.77.82.226 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.82.226.vultrusercontent.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 21:11:37 GMT
server: nginx
etag: W/"65ea2d89-4904"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/ 432 KB
136 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8990aa15eac245af6c6e1659e307d87319e360dfb7841984e17aac14bc583c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 12:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33426
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139160
x-xss-protection: 0
server: cafe
etag: 12239114432611093980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 07 Mar 2025 12:01:33 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
269 B 134ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-07X8FEBN1K&gtm=45je4340v9179587841za200&_p=1709846318889&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1491876667.1709846319&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709846319&sct=1&seg=0&dl=https%3A%2F%2Fcrediperuya.subsidiosdelgobierno.xyz%2F&dt=Gu%C3%ADa%20para%20financiar%20tus%20Sue%C3%B1os%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1126
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-07X8FEBN1K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 21:18:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crediperuya.subsidiosdelgobierno.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1f4cc.svg
s.w.org/images/core/emoji/14.0.0/svg/ 640 B
626 B 131ms
38ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f4cc.svg

Requested by

Host: crediperuya.subsidiosdelgobierno.xyz
URL: https://crediperuya.subsidiosdelgobierno.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

227d1b1d41bb4059230bd8400e89f73ce79d7cb3fc35dd471a40683ba3a1d6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 07 Mar 2024 21:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
670 B 169ms
168ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2139286977157707&correlator=3530699181838733&eid=31081677%2C44807746%2C31065644%2C31068897&output=ldjh&gdfp_req=1&vrg=202403050101&ptt=17&impl=fif&iu_parts=22861666105%2Ccrediperu.subsidiosdelgobierno.xyz%2CCrediperu_Interstitial_20240307&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1709846319298&lmt=1709846249&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcrediperuya.subsidiosdelgobierno.xyz%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1491876667.1709846319&ga_sid=1709846319&ga_hid=1660986978&ga_fc=true&dlt=1709846318658&idt=603&cust_params=id_post_wp%3D8&adks=2864746262&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b63a60691e74bcd804324fde8537df97fe3d2601cd9cb4b3c21b2e8ace810d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 641
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://crediperuya.subsidiosdelgobierno.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 725 B
350 B 450ms
450ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2139286977157707&correlator=3530699181838733&eid=31081677%2C44807746%2C31065644%2C31068897&output=ldjh&gdfp_req=1&vrg=202403050101&ptt=17&impl=fif&iu_parts=22861666105%2Ccrediperu.subsidiosdelgobierno.xyz%2CCrediperu_Anchor_20240307&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fas=1&sc=1&cookie_enabled=1&abxe=1&dt=1709846319305&lmt=1709846249&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcrediperuya.subsidiosdelgobierno.xyz%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1491876667.1709846319&ga_sid=1709846319&ga_hid=1660986978&ga_fc=true&dlt=1709846318658&idt=603&cust_params=id_post_wp%3D8&adks=2983011282&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6aaac8415d5d73a30859bf17616e4c3d399fee0b4e4c88ef9ca782fd09f44ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 321
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://crediperuya.subsidiosdelgobierno.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
14 KB 272ms
271ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2139286977157707&correlator=3530699181838733&eid=31081677%2C44807746%2C31065644%2C31068897&output=ldjh&gdfp_req=1&vrg=202403050101&ptt=17&impl=fif&iu_parts=22861666105%2Ccrediperu.subsidiosdelgobierno.xyz%2CCrediperu_Content1_20240307&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C300x250%7C336x280&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709846319308&lmt=1709846249&adxs=245&adys=299&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcrediperuya.subsidiosdelgobierno.xyz%2F&vis=1&psz=1111x26&msz=1111x0&fws=4&ohw=1600&ga_vid=1491876667.1709846319&ga_sid=1709846319&ga_hid=1660986978&ga_fc=true&dlt=1709846318658&idt=603&cust_params=id_post_wp%3D8&adks=3822060107&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40c004353e33729b0b07f63a9910cddfb195f4c6c14f67e2c78283208112f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14328
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://crediperuya.subsidiosdelgobierno.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7CE0 6 KB
3 KB 248ms
115ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crediperuya.subsidiosdelgobierno.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 21:18:39 GMT
expires: Fri, 07 Mar 2025 21:18:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/ 46 KB
15 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl_page_level_ads.js?cb=31081677

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b605b7cece0e1da919277b76806765638dec8e6be7830f7c5c2b8a1f4fdb43db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 12:02:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33390
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
server: cafe
etag: 1345689451901262485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 07 Mar 2025 12:02:09 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 581 B
269 B 501ms
500ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2139286977157707&correlator=3530699181838733&eid=31081677%2C44807746%2C31065644%2C31068897&output=ldjh&gdfp_req=1&vrg=202403050101&ptt=17&impl=fif&iu_parts=22861666105%2Ccrediperu.subsidiosdelgobierno.xyz%2CCrediperu_Content2_20240307&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C300x250%7C336x280&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709846319322&lmt=1709846249&adxs=293&adys=978&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcrediperuya.subsidiosdelgobierno.xyz%2F&vis=1&psz=1015x26&msz=1015x0&fws=4&ohw=1600&ga_vid=1491876667.1709846319&ga_sid=1709846319&ga_hid=1660986978&ga_fc=true&dlt=1709846318658&idt=603&cust_params=id_post_wp%3D8&adks=2685349150&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5909632bed476ab22e0ada877fff0b6f4b6bd13cd1297f444ba1c79b4b4051a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://crediperuya.subsidiosdelgobierno.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 552 B
262 B 72ms
71ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2139286977157707&correlator=3530699181838733&eid=31081677%2C44807746%2C31065644%2C31068897&output=ldjh&gdfp_req=1&vrg=202403050101&ptt=17&impl=fif&iu_parts=22868958328%2Cperu.misubsidio.xyz%2CPeru_Content3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C300x250%7C336x280&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709846319326&lmt=1709846249&adxs=293&adys=1124&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcrediperuya.subsidiosdelgobierno.xyz%2F&vis=1&psz=1015x52&msz=1015x0&fws=4&ohw=1600&ga_vid=1491876667.1709846319&ga_sid=1709846319&ga_hid=1660986978&ga_fc=true&dlt=1709846318658&idt=603&cust_params=id_post_wp%3D8&adks=1518701068&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b57369d9bc82970c8e9f1f9d0cb2212f02b1382c742a819313488011d7fb412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://crediperuya.subsidiosdelgobierno.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 172ms
85ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e91bb15b9e9bb28019628524b5451d99a55ed50d0353b032fddf7d3f0d56973b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12435
x-xss-protection: 0

GET
H2 200 container.html Show response
800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B1F4 6 KB
3 KB 42ms
41ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crediperuya.subsidiosdelgobierno.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 21:18:39 GMT
expires: Fri, 07 Mar 2025 21:18:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5042 170 KB
55 KB 265ms
142ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeovLwAG7SIIVSPTAAmYIH16KdX8H8lxYy6jvQ&u=%7CrlNL4FeozktBkLQMuiP0nUmLVprtzmhvTTjFX3rbzy4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZuAftwpH9y4hW0aN2ewrhekG2q4XSkM65GSC5-OGk5g0KgBT7uk-InOUKpyr6Y-TNsmgx7RhsfdAYH1upSoWeTOo1yLVZpm6ZXfvW-34JjZomBXmSVXtztYMgRUH6cl-BrwZEq19xoVM5KLZm9htb0XZ_dZbrMw0XI5c88cB6F3zCv9N3nzEYo9N4CRQFC_C1uAJch7Onc1OJ-L-S8GyCPo3UrcCt-ebbplzqdyk8IWX4nxa9CECv3w4pExXtaU-BxBnbvOWq27qmp-PsgLMvz-btSw0S9wr-UU0G6k4oGMZtdsTIE6RFwy3hE55CIZ4zh6LaxtadjtcmBUKvy_-znoO513opltK-2EQbFp_aLzAapoLN0J7P9xeNRnE1lbCGY_1wk1Xzhg8v5ER8jA6Zaw8YIVC5kIjSO5Cil-1xm1-_Cy3PyDOeMGYY9gBg2EDpgLNOZICgw0RzxMyUBzXP2KWamqvc-x5RiOf6OewWMmd3EVdA1rBD6Fnav1XF3Z5oLqZVCkXLkOq7gbZQtUELpReTc08bEm9jmq0eVm9BVvL4H4nxfO9gp6g2DXlQwwsw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb_LvLy_qZaLaG9PH1PIPoLCm8AfJntKxXNWdkfdwwI23ARABIABglZqngrAHggEXY2EtcHViLTIyMzAzNjI3MTMyOTY1NTDIAQmpAslggL_tSbI-4AIAqAMByAMCqgTkAk_QzXIrXnIm2I2n1u8fH0Abz-kH7-sS96kB5y-yAjWaemaFAsukIHDA0L9TDrKKtsp_sqztDTskAducKF9TN5ajmFZHw6KTVAGJvzfkC5R7vvv4cUh5pAuKE8XE35J8ABSfUxK9EpruSiWgI7fDx9f-0pasiXC4Mn56WdM8EAAOHLhnO0yNk-GUib8bc-CIeUdm6DmUIkBFyngCX_3fqGjGVEYz0g5CkqiEKTYd7t08imqmShpN0CAcmhluKz0q5dX0Gz3SBRKqklcBNiJKod0C2sDksmTaEw_QDYXdUsFb3QAkIriLdHA00jAxhCQkStYkocqgLb9A6-OzHAFCZqyKaNxhRW7cv4nQTA7-Bxwmx9ZWxiYjw6OMJ6nvYly5BtLjsCiZl04cRqDbxynaSnzmAd42IoL22IiDFYjfMNqIljjJ2ARxKoTkSe8B1_W6UBzQqwVIqGGJrM9iJaGeBWlc-5Zu4AQBgAar7t-w7t2U2ewBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKQiR4YBwEAEyB-uLgOC_gA06CYBAgICAgICUKEi9_cE6WKa88POJ44QD-gsCCAGADAHiDRMI7eTw84njhAMV0yNVCB0gmAl-0BUBgBcB%26num%3D1%26sig%3DAOD64_1izXrmUKrgPhGBfIvqGWoLfR-7BQ%26client%3Dca-pub-2230362713296550%26adurl%3D

Requested by

Host: 800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com
URL: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b8c8f2816e0f8a9920584ba6cefece6b5962456f0e8926ba03db61e2a1297c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 21:18:39 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=fxkpTsaCmjteEFClkD7sENLy8tkBEAsgXQJXd4p1heIXXlH_BjZ1QXiRFP3hMI8HrN58vCVUiOj9vMcDEk4Uy5UvfXLM4uGcu8SG0rmPl_S7HX1FvN5QmD8ogk2F5DrivQ4YLbgs9vlT8TMyxXE_dGW4JzkAMO9-Dj1b2XhkCNkOD-dghTZSJbj2m7J8-du6OODGksRuq2r1Wx_9mg-NddCEonJjowTIqodBZtCR5ovneyy2ZJ0TJLEZ7CSQeocUBpzSGA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 81062390
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame B1F4 3 KB
1 KB 205ms
120ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js

Requested by

Host: 800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com
URL: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 20:42:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame B1F4 20 KB
8 KB 126ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com
URL: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 14:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 14:46:18 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B1F4 24 KB
7 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com
URL: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 06:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Mar 2025 06:51:19 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B1F4 207 KB
63 KB 128ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com
URL: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64070
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Mar 2024 21:42:36 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 149ms
149ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403050101/pubads_impl.js?cb=31081677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 21:18:39 GMT

GET
DATA 200
OK truncated
/ Frame B1F4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6c1bc9e6308156cf76c437bda539513e896d00cc2e22f6e34b97acb6a8841a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B1F4 0
0 73ms
72ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWZOJLy_qZaLaG9PH1PIPoLCm8AfJntKxXNWdkfdwwI23ARABIABglZqngrAHggEXY2EtcHViLTIyMzAzNjI3MTMyOTY1NTDIAQmpAslggL_tSbI-4AIAqAMByAMCqgThAk_QzXIrXnIm2I2n1u8fH0Abz-kH7-sS96kB5y-yAjWaemaFAsukIHDA0L9TDrKKtsp_sqztDTskAducKF9TN5ajmFZHw6KTVAGJvzfkC5R7vvv4cUh5pAuKE8XE35J8ABSfUxK9EpruSiWgI7fDx9f-0pasiXC4Mn56WdM8EAAOHLhnO0yNk-GUib8bc-CIeUdm6DmUIkBFyngCX_3fqGjGVEYz0g5CkqiEKTYd7t08imqmShpN0CAcmhluKz0q5dX0Gz3SBRKqklcBNiJKod0C2sDksmTaEw_QDYXdUsFb3QAkIriLdHA00jAxhCQkStYkocqgLb9A6-OzHAFCZqyKaNxhRW7cv4nQTA7-Bxwmx9ZWxiYjw6OMJ6nvYly5BtLjsCiZl04cRqDbxynaSnzmAd42IoL22IiDFcrdEUgIBej0ftRW8AjEoEsP8P8MWjLIKbGAlcd7E9FOPTlUkUm14AQBgAar7t-w7t2U2ewBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKQiR4YBwEAEyB-uLgOC_gA06CYBAgICAgICUKEi9_cE6WKa88POJ44QDgAoD-gsCCAGADAHiDRMI7eTw84njhAMV0yNVCB0gmAl-0BUBgBcBshcdChsSFHB1Yi0yMjMwMzYyNzEzMjk2NTUwGKjyjgE&sigh=KyamlxaQxlM&uach_m=%5BUACH%5D&cbvp=2&vis=1
Requested by: Host: 800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com
URL: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame B1F4 0
126 B 169ms
47ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=muz_GLikCdACmAKdg2ICAgAAABB0XFZBN5tZ4K2o3xAuL-pllbRGSFYr4iQsnQAAEgAACgpBUVVEQVFFQkFRHWgjOhJGvvbXLvs_rnUssw&wp=ZeovLwAG7SIIVSPTAAmYIH16KdX8H8lxYy6jvQ&cbvp=2

Requested by

Host: 800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com
URL: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 178055
server: Kestrel
content-length: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 20B8 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crediperuya.subsidiosdelgobierno.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 10:16:29 GMT
expires: Fri, 07 Mar 2025 10:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5576 829 B
1 KB 143ms
50ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90dceced606bcd5969565018b8ac35f3790d77041bc4c14f2ed0935b62ad79c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qu-Tkaoy9fUBaxWqvZUGUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crediperuya.subsidiosdelgobierno.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Qu-Tkaoy9fUBaxWqvZUGUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 21:18:40 GMT
expires: Thu, 07 Mar 2024 21:18:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5042 2 KB
1 KB 148ms
45ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeovLwAG7SIIVSPTAAmYIH16KdX8H8lxYy6jvQ&u=%7CrlNL4FeozktBkLQMuiP0nUmLVprtzmhvTTjFX3rbzy4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzZuAftwpH9y4hW0aN2ewrhekG2q4XSkM65GSC5-OGk5g0KgBT7uk-InOUKpyr6Y-TNsmgx7RhsfdAYH1upSoWeTOo1yLVZpm6ZXfvW-34JjZomBXmSVXtztYMgRUH6cl-BrwZEq19xoVM5KLZm9htb0XZ_dZbrMw0XI5c88cB6F3zCv9N3nzEYo9N4CRQFC_C1uAJch7Onc1OJ-L-S8GyCPo3UrcCt-ebbplzqdyk8IWX4nxa9CECv3w4pExXtaU-BxBnbvOWq27qmp-PsgLMvz-btSw0S9wr-UU0G6k4oGMZtdsTIE6RFwy3hE55CIZ4zh6LaxtadjtcmBUKvy_-znoO513opltK-2EQbFp_aLzAapoLN0J7P9xeNRnE1lbCGY_1wk1Xzhg8v5ER8jA6Zaw8YIVC5kIjSO5Cil-1xm1-_Cy3PyDOeMGYY9gBg2EDpgLNOZICgw0RzxMyUBzXP2KWamqvc-x5RiOf6OewWMmd3EVdA1rBD6Fnav1XF3Z5oLqZVCkXLkOq7gbZQtUELpReTc08bEm9jmq0eVm9BVvL4H4nxfO9gp6g2DXlQwwsw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb_LvLy_qZaLaG9PH1PIPoLCm8AfJntKxXNWdkfdwwI23ARABIABglZqngrAHggEXY2EtcHViLTIyMzAzNjI3MTMyOTY1NTDIAQmpAslggL_tSbI-4AIAqAMByAMCqgTkAk_QzXIrXnIm2I2n1u8fH0Abz-kH7-sS96kB5y-yAjWaemaFAsukIHDA0L9TDrKKtsp_sqztDTskAducKF9TN5ajmFZHw6KTVAGJvzfkC5R7vvv4cUh5pAuKE8XE35J8ABSfUxK9EpruSiWgI7fDx9f-0pasiXC4Mn56WdM8EAAOHLhnO0yNk-GUib8bc-CIeUdm6DmUIkBFyngCX_3fqGjGVEYz0g5CkqiEKTYd7t08imqmShpN0CAcmhluKz0q5dX0Gz3SBRKqklcBNiJKod0C2sDksmTaEw_QDYXdUsFb3QAkIriLdHA00jAxhCQkStYkocqgLb9A6-OzHAFCZqyKaNxhRW7cv4nQTA7-Bxwmx9ZWxiYjw6OMJ6nvYly5BtLjsCiZl04cRqDbxynaSnzmAd42IoL22IiDFYjfMNqIljjJ2ARxKoTkSe8B1_W6UBzQqwVIqGGJrM9iJaGeBWlc-5Zu4AQBgAar7t-w7t2U2ewBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKQiR4YBwEAEyB-uLgOC_gA06CYBAgICAgICUKEi9_cE6WKa88POJ44QD-gsCCAGADAHiDRMI7eTw84njhAMV0yNVCB0gmAl-0BUBgBcB%26num%3D1%26sig%3DAOD64_1izXrmUKrgPhGBfIvqGWoLfR-7BQ%26client%3Dca-pub-2230362713296550%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 21:18:40 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5042 2 KB
1 KB 147ms
44ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 21:18:40 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5042 308 B
637 B 144ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 02 Mar 2025 21:18:40 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5042 293 B
621 B 147ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 02 Mar 2025 21:18:40 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5042 43 B
348 B 154ms
40ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=PjMeRT-X7vp3cqeqXozEVCspxlhsFXaeug_A3dr3ffDTXXUJiu2MB_LNazVTuA8lUSYJw-cCa1ou1sa0MI_uixRQy3lnP2Ch248WvHK5wFdT8oYNl_Cnm-ZLU-IZnKdohQTFG1aOzl0zcjy_UTR7WNnf47j3T8UmrkwjtmzUOmpQ51p4TPoEdg_fDZ601N-K95QO6aT88pu5VxD0eN8Hd-vFJHLqD4z4NNbwvtBXYudGRIoc4VSlTgDpUUHLIOn-1fsNnxmAUk-CbWBZ7XHspV3oMKcZw921BAnklpe-MHoEQOTJaMKPyJ2c5B2H2ACBMI4Fx9p3p4tvi2pzV5RRIjfRFy3BCD-SL3v6UYsYHDm2Zb7CaH0w_vezbdDhVQP2wX9X9AQ__WV4uAeXPPPFKrDul2zVw4EX2QbtXR7iEMTgHo1KLlvtQsVLNBq2xgqhKbYpOw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 21:18:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1685122
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5042 12 KB
5 KB 147ms
61ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rOdbNNWhu67KOWeUrzJ4zQM%2F4awmN5poptP%2BwUFki8L2SemJNyBElWNuCPy5CvNrnO8PuwlX4lNSb7t3K7VPqeY80T4DwKWUkmhi92hNs63%2FKEpQOFbjIScKq0S798LUwP6Ru44v7HDUrQK7gEWUKH0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 860d9e8c4a3e4dcd-FRA
expires: Tue, 25 Feb 2025 21:18:40 GMT

GET
H2 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 20B8 39 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Mar 2025 20:42:35 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5042 12 KB
6 KB 67ms
51ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 21:18:40 GMT

GET
H2 200 3b98b9f704a54fdf9236d37c273be60b_cpn_336x280_1.jpeg
static.criteo.net/design/dt/19906/5081245/ Frame 5042 69 KB
70 KB 90ms
88ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/19906/5081245/3b98b9f704a54fdf9236d37c273be60b_cpn_336x280_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8601abc2657e85da0394b346786a52f1132ab168d67c53aa6fd9ffb3a124f2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 06 Mar 2024 10:55:52 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65e84bb8-11495"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 70805
expires: Sun, 02 Mar 2025 21:18:40 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5042 12 KB
13 KB 216ms
108ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=19906&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F190812%2F319a2d5469c04e068839667ed003cd32_logo4.png&v=3&w=668&rid=4&s=BZpBwK3BHI2MZD8a9dCqqmWz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

da2c764e98ccc0abe5b6c447dcf6665fc3ea8fa75d53f83be75de4fb603c76da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12613
expires: Thu, 06 Feb 2025 03:30:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5042 6 KB
7 KB 161ms
52ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F10986772_8-201811271526.jpg&v=3&w=400&rid=4&s=3S-F3M9hilAkHhRSnLn8kTbw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e1d2286535cfd82ea19a26fea046a648c1b6c1005dda5f6c47c551a65a466cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6456
expires: Tue, 18 Feb 2025 03:13:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5042 4 KB
5 KB 160ms
52ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2F19906%2Fbadgeupdate.png&v=3&w=400&rid=4&s=sFPYPwb7keL_Ew6_IWjCVNv_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4547
expires: Sat, 22 Feb 2025 21:06:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5042 13 KB
13 KB 235ms
128ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F10988901_2-201901170915.jpg&v=3&w=400&rid=4&s=HT-B2xgh9xT3twAgW6yFT4TL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e0a82b20aefe334e5b19bb810c5e83ba6c5ce279c2ed5e6c685d2a158346fdba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 13118
expires: Fri, 07 Feb 2025 07:58:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5042 6 KB
6 KB 202ms
94ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F10986763_2-201811271523.jpg&v=3&w=400&rid=4&s=ZNc-GVb1rsBWGtBfRpf_q47K&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fbaa20040418d2caff5d330771b040562b5c14dd13944f061f0013a57cfd742e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5786
expires: Thu, 06 Feb 2025 19:23:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5042 8 KB
8 KB 201ms
94ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F49850019_12-202401111243.jpg&v=3&w=400&rid=4&s=9GQ-VjejlrDfL7p6aeUexw2U&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bf15abbfd2adc90d62c8487f9a9dc3f1d378ef56b052a5c61d7d7ec6e1924b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8306
expires: Fri, 07 Feb 2025 06:26:22 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5042 7 KB
7 KB 113ms
113ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F10988061_4-201811271552.jpg&v=3&w=400&rid=4&s=BfnK9xGz5VdcrL3QhdG4Ziv5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

704ecfeb888e48c3d8856aa878d40cc7b59966910b39fbc047445a23a331fa8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6882
expires: Wed, 19 Feb 2025 18:02:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5042 16 KB
16 KB 109ms
109ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F10988252_1-201811271553.jpg&v=3&w=400&rid=4&s=sluRRWL77_xxdWVU2JvG3KW2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cd4c2803bbb90f932f216a9c6d742ad2b152ae191b50a738cf5e4abf5089559a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16508
expires: Sat, 08 Feb 2025 08:48:49 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5042 0
128 B 245ms
45ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=fxkpTsaCmjteEFClkD7sENLy8tkBEAsgXQJXd4p1heIXXlH_BjZ1QXiRFP3hMI8HrN58vCVUiOj9vMcDEk4Uy5UvfXLM4uGcu8SG0rmPl_S7HX1FvN5QmD8ogk2F5DrivQ4YLbgs9vlT8TMyxXE_dGW4JzkAMO9-Dj1b2XhkCNkOD-dghTZSJbj2m7J8-du6OODGksRuq2r1Wx_9mg-NddCEonJjowTIqodBZtCR5ovneyy2ZJ0TJLEZ7CSQeocUBpzSGA&sds=2&rev=91031&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Mar 2024 21:18:39 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5042 2 KB
1 KB 138ms
137ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 21:18:40 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5042 2 KB
1 KB 138ms
138ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 21:18:40 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 5042 2 KB
899 B 75ms
74ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 21:18:40 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 5042 2 KB
900 B 74ms
74ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 21:18:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5576 0
0 72ms
72ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403050101&jk=2139286977157707&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 20B8 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rHVH-w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 5042 16 KB
17 KB 182ms
91ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 21:18:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403050101&jk=2139286977157707&bg=!CwilCEfNAAZsmiNCTJo7ADQBe5WfOBVGjqOZcy10X5cB512-tfeXfQp21fx4OIAd03MUx4yjWQuqt2WyjahLh3j4KIu9AgAAAGtSAAAAA2gBB5kC3b-tPfMBecJtaKyPwLvEq6OdB2i6g9txDwwdl8HJK7OsemutAxepKEKnBPpfY3E1zcue9be8SMHUvIpIbyJ5kI3wIObwA30ZlJqG30ahzzo-qH3DOACFbsJEX9vZOMShABGlvKX5OYk1pwftAV6wh52WhWHGo3W0Z-3B_dwOuLSJmYIi5j-5nA7Zl5onbSA7HWqNsd5etcWH-MMr-H0VeeQHYOm-vRtFW_uohGesAmst4mRRYoliMUGP9ExF3m8sB-siLsss02MtDNUmkErfcuiJ8k4KttPtHQr00EC6pDnAv3Q2aVa-8buZjSoaL5ErKrmMV4Fzkp4Z3Jlh_3g-J6D3GNG-rn73JGAniImOeq9Nlc4kllHyB_9foPEszT9o4Wi1TF2WUS8CbVgzcSGlNHHLyIA45wcfRS6ukh3KBSpla65UK-m9sq9YWMeX4V-veEf2GpsDJ_sW6vJKxlSy-JxvrYTsJyduh4XOhuxNPlGbA2VOu30l3zEQJW_KXPYHc3qhPIf1SVzREBmTBICdZa0X3-dL6KTBlay-P1GLtXNnug8xezXH12SqKbmyPZYCpgcUfJ9j1SFG52nHCXmDgeJ10_cS75OFtYO1BrKs0LBdnn1yiQKOP7_ZTaaP1cvOurlWglz03X886nXktqPRzI2psqglHSHFHkYd5etTGm5NVuY_1_DlA1JgFuQAHmyonM5k5O8EZaqKe6-xg3IpPHEAbkHvJkl5HCEa_uP6mzz5cZgzB83A8Xw3dEKrRIjskVlw8Ag9a1nf_pPEBm3AXNq6v5W95raSN8opPRJ73vZdXue1ODTlhxkw702i7UnctfBB70HtomSryv32VhF8ixHD9JXwR_zgZ7dmBwDELsN5wYOVCEkTbLhu8DwOZ9dvU-SkgcJVaDjIdAJtE1CwFucwaONtA76_Cv_Dx1iiH-HWiwT23vLI_qTdEB_6ydJzqcQWK1JkJKT-lKXBNIQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crediperuya.subsidiosdelgobierno.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B1F4 42 B
174 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaX-4SUZrXbMx2GRCbt94QvREHASDkWyxKIYfd2zdkVgRV6ZC6Kwiknf_619w-j7KDiq9Ojgf9LS5Cc-d1__ynwO-DQIeoV_u6d0gjXjz7vLh8NWvzHGVcwzyWFbQCuhmg9t7ILMeg6rD5&sig=Cg0ArKJSzOdCcYiOHnh4EAE&id=lidar2&mcvt=1000&p=298,632,578,968&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3822060107&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=577911900&rst=1709846319602&rpt=301&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 21:18:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5042 0
127 B 47ms
46ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Mar 2024 21:18:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 3b98b9f704a54fdf9236d37c273be60b_cpn_336x280_1.jpeg
static.criteo.net/design/dt/19906/5081245/ Frame 5042 69 KB
70 KB 47ms
46ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/19906/5081245/3b98b9f704a54fdf9236d37c273be60b_cpn_336x280_1.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8601abc2657e85da0394b346786a52f1132ab168d67c53aa6fd9ffb3a124f2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:18:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 06 Mar 2024 10:55:52 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65e84bb8-11495"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 70805
expires: Sun, 02 Mar 2025 21:18:43 GMT

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.subsidiosdelgobierno.xyz/	1970-01-21 04:33:26	Name: _ga_07X8FEBN1K Value: GS1.1.1709846319.1.0.1709846319.0.0.0
.subsidiosdelgobierno.xyz/	1970-01-21 04:33:26	Name: _ga Value: GA1.1.1491876667.1709846319
.subsidiosdelgobierno.xyz/	1970-01-20 23:16:38	Name: __eoi Value: ID=c7190d1539cb56f6:T=1709846319:RT=1709846319:S=AA-AfjZbWTAyxoIIEiJxhKIB6ONQ
.criteo.com/	1970-01-21 04:19:02	Name: receive-cookie-deprecation Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

800cf7c0b6238239c2fca5664f34691f.safeframe.googlesyndication.com
ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
crediperuya.subsidiosdelgobierno.xyz
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
s.w.org
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
178.250.1.6
192.0.77.48
2001:4860:4802:32::36
2606:4700::6811:190e
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
45.77.82.226
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0892ad2cbceefa334a8f1be3b74d8c0bf4760e4debef285f6fa11d141ad12bff
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b63a60691e74bcd804324fde8537df97fe3d2601cd9cb4b3c21b2e8ace810d1
10ffe92c70e45084ba7f3be82b5dbf069eaa456abde5c41a790b7f3bcc60108a
227d1b1d41bb4059230bd8400e89f73ce79d7cb3fc35dd471a40683ba3a1d6fc
2d480a91fbe88d77986d732e9484ef3b4c326b7c6a785262ebf5a5987ce31e7d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3e00f328633eccb116ed74ae31ffb435407709d081ee6296f9ecf200ecc2e9ee
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4c9d82fbac0b42d9842ef9a6c467824d27774e31c0540929bb3c5507b8aac16f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5909632bed476ab22e0ada877fff0b6f4b6bd13cd1297f444ba1c79b4b4051a0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
694da45e033114445455ea32bc0448bd950165a0eda0f92e16b9ed32bf5eb493
69be9078e0eadb2387e768c6c58c019cbc5aabd2ccd77b68c7c5924d7f665d07
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
704ecfeb888e48c3d8856aa878d40cc7b59966910b39fbc047445a23a331fa8d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0
769c6211eb1a26c89fa3d8a63371b2ea75294fd5b16a1ed2a90fd8f5878de7d3
8601abc2657e85da0394b346786a52f1132ab168d67c53aa6fd9ffb3a124f2ca
8990aa15eac245af6c6e1659e307d87319e360dfb7841984e17aac14bc583c11
8d63a1ec5f5f41be4f13959de08bfdf1695b22d9309601855fbc80ddfaa8a5ae
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90dceced606bcd5969565018b8ac35f3790d77041bc4c14f2ed0935b62ad79c2
970881c2a34b664bc20a5e4fb24b8633905164a772b2a400f891f27a3390b154
9b57369d9bc82970c8e9f1f9d0cb2212f02b1382c742a819313488011d7fb412
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9
a45b748cb381be1f8a5588c91782dfc239c9275bf539d5cb152591c13d254029
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b605b7cece0e1da919277b76806765638dec8e6be7830f7c5c2b8a1f4fdb43db
b6c1bc9e6308156cf76c437bda539513e896d00cc2e22f6e34b97acb6a8841a3
b8c8f2816e0f8a9920584ba6cefece6b5962456f0e8926ba03db61e2a1297c66
bf15abbfd2adc90d62c8487f9a9dc3f1d378ef56b052a5c61d7d7ec6e1924b93
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cd4c2803bbb90f932f216a9c6d742ad2b152ae191b50a738cf5e4abf5089559a
d40c004353e33729b0b07f63a9910cddfb195f4c6c14f67e2c78283208112f7b
d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
da2c764e98ccc0abe5b6c447dcf6665fc3ea8fa75d53f83be75de4fb603c76da
e0a82b20aefe334e5b19bb810c5e83ba6c5ce279c2ed5e6c685d2a158346fdba
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1d2286535cfd82ea19a26fea046a648c1b6c1005dda5f6c47c551a65a466cf5
e33983a2f276af47bd08abacbbad019f19d163994fdb8bd9c6e4beb75bdf52c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91bb15b9e9bb28019628524b5451d99a55ed50d0353b032fddf7d3f0d56973b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6aaac8415d5d73a30859bf17616e4c3d399fee0b4e4c88ef9ca782fd09f44ba
fbaa20040418d2caff5d330771b040562b5c14dd13944f061f0013a57cfd742e

crediperuya.subsidiosdelgobierno.xyz Open in urlscan Pro 45.77.82.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

99 %HTTPS

83 %IPv6

12 Domains

18 Subdomains

19 IPs

3 Countries

970 kBTransfer

2317 kBSize

4 Cookies

0 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

crediperuya.subsidiosdelgobierno.xyz Open in urlscan Pro
45.77.82.226 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

99 %
HTTPS

83 %
IPv6

12
Domains

18
Subdomains

19
IPs

3
Countries

970 kB
Transfer

2317 kB
Size

4
Cookies

72 HTTP transactions
1 data transactions